JDBC Tomcat auth 403 after login / role not taken in account

Question

I have set up my environnement like follows but after the login it says access denied like if the role wasn't set up correctly.

Here some infos:

• I use BASIC auth and as long as I type in wrong username or password, the browser login form reappears. When I type in the right username and pass it goes away and I get the access denied message
• If I configure <role-name>*</role-name> I don't get the 403 and after the login I can access the protected page
• The console doesn't show any error message

web.xml

    <security-role>
        <role-name>USER</role-name>
    </security-role>
    <security-role>
        <role-name>ADMIN</role-name>
    </security-role>
     <!--<security-role>
    <role-name>*</role-name>
    </security-role>-->
    
    <security-constraint>
        <display-name>IndexPage</display-name>
        <web-resource-collection>
            <web-resource-name>start</web-resource-name>
            <url-pattern>/pages/protected/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
        <!--<role-name>*</role-name> -->
            <role-name>USER</role-name>
            <role-name>ADMIN</role-name>
        </auth-constraint>
    </security-constraint>
    
    <login-config>
        <auth-method>BASIC</auth-method>
    </login-config>

server.xml

<Engine defaultHost="localhost" name="Catalina">
<Realm className="org.apache.catalina.realm.JDBCRealm"
connectionURL="jdbc:mysql://localhost:3306/jsfdb?user=root"
driverName="com.mysql.jdbc.Driver"
roleNameCol="role_name" 
userCredCol="password"
userNameCol="username1"
userRoleTable="user_role"
userTable="user"
/>

Database

user data

user_role data

Answer 1

The problem was that in the username field from the user_role table the value the primary key of the user table was. Expected is the actual username so I fixed it in changing the PK from id to the username. The db looks like this now:

God I hate Java